600K Medicare beneficiaries’ data accessed in breach

The following is from Yahoo News.

The personal information of 612,000 Medicare beneficiaries were accessed in a sweeping data breach that affected what could be hundreds of organizations, including the government contractor, Maximus Federal Services.

The Centers for Medicare & Medicaid Services (CMS) announced in a press release Friday that it is notifying people affected by the data breach, which could have affected information including beneficiaries, names, Social Security numbers, medical histories, diagnoses and other personal details.

No CMS or Health and Human Services systems have been affected, according to the CMS.

CMS and Maximus, a CMS contractor that assists in the Medicare appeals process, are sending letters to those “potentially affected” and are offering recipients two years of free credit monitoring services.

The letter also provides information on steps to take to receive a new Medicare Beneficiary Identifier number, for the people for whom that is relevant.

The data breach targeted a security vulnerability in the MOVEit software, a third-party application Maximus uses to facilitate the transfer of files during the appeals process.

Maximus determined that at least 8 million to 11 million people were affected by the data breach, including the 612,000 Medicare beneficiaries notified.

The attack took place approximately from May 27-31, according to the most up-to-date information in the CMS ongoing investigation.

Reports indicate that the data breach could have affected more than 400 organizations, affecting approximately 23 million people’s information.

Russian ransomware group Clop reportedly claimed responsibility for the attack.

Link to CMS’ press release here.

Visit the Lemonade Mermaid Store today

Original and Custom items for Land or Sea Mermaids

Leave a Comment

Your email address will not be published. Required fields are marked *

2 thoughts on “600K Medicare beneficiaries’ data accessed in breach”

  1. This article and I Told You Sharyl in my past year and a half posting comments on your website here about These devices are the Gateway Brothel of Organized Cyber Crime 24/7. There Not really safe anymore to be doing Business on or putting personnel info on or any intellectual property on ? These people should pay for Credit Monitoring ? If Law makers cannot control things in the old internet Network environment , Then How you going to control A.I. Environments = False Prophets ?

  2. Anthem breach of 2015 impacting 78.8 million patient records resulted in a $16 million penalty for HIPAA violations
    Premera Blue Cross breach of 2015 impacting 10.5 million patient records resulted in a $6,850,000 penalty for HIPAA violations
    Excelus Health Plan breach of 2015 impacting 9.4 million patient records resulted in a $5,000,000 fine for HIPAA violations

    A total of $117,860,940 has been paid in HIPAA violations from 2015 until now.

    I wonder what CMA will pay?

Scroll to Top